I found the https://intelexit.org/ website unconvincing. There is only one argument that can be made against any genuinely oppressive institution (funny how examinations into the why in history have never led to any workable suggestions other than don't do it again).
So here is the one argument: If the principles or ideals that your institution represents are legitimate, why is there excessive secrecy, or does your institution only believe loyal individuals can understand their policies or goals?
On a side note, what is the legal culpability of someone who wasn't on the radar of an investigation, is alleged to be involved by a third party already admittedly unreliable due to lies, as a result, the first party faces the full brunt of an investigation for a decade while the third party goes off scot-free? This is one of those self-evident impropriety things.
https://news.yahoo.com/identity-crisis-fbi-plays-catch-up-as-cyber-threats-…
[Jenna McLaughlin](https://www.yahoo.com/author/jenna-mclaughlin), National Security and Investigations Reporter, [Yahoo News](https://www.yahoo.com/news/) • May 15, 2019
Photo illustration: Yahoo News; photos: AP, Getty Images (4).
In the spring of 2017, the Federal Bureau of Investigation was on the cusp of a dramatic overhaul of the agency’s cyber capabilities. The FBI was wrapping up an agency-wide survey, and one option on the table included getting rid of the bureau’s central cyber division altogether and dispersing digital experts throughout its 56 regional offices.
But just days before FBI officials were scheduled to brief the director on the results of the survey, according to a bureau official working there at the time, President Trump fired James Comey, the bureau’s head.
Comey, who says he was fired after refusing to pledge loyalty to the president, recalled that episode at a [recent conference](https://podcasts.apple.com/us/podcast/bonus-edition-james-comey…) in Washington. “I failed to push us to the decision point of how do we want to deploy against this threat aggressively enough,” he said. “Should we have a cyber division or blow it up?”
He never got the opportunity to make that decision, however. Chris Wray, the current FBI director, “is wrestling with that now,” Comey said.
According to Tonya Ugoretz, the deputy assistant director of the bureau’s cyber division, her office isn’t going anywhere. “There are no plans to not have a cyber division,” she told Yahoo News during an interview. The division “is the locus of all our intrusion investigations, whether that’s nation state or criminal.”
Regardless of the structure, the bureau’s top officials recognize a paradigm shift.
In the United States, digital criminals using everything from weaponized botnets to ransomware are attacking private industry and the government on a daily basis, increasing the demand for experts with skills in cybersecurity, intelligence and law enforcement. So, after nearly two decades of focusing on terrorism and intelligence, the FBI is in the midst of an even more intensive shift toward cyber.
While the bureau has a history of being run by agents with guns, more funding and priority is now being funneled into behind-the-scenes digital experts who can watch network traffic and unravel digital trails back to hackers, and who can explain online activity to judges and secure subpoenas for tech companies. The Department of Justice [budget request to Congress for 2019](https://www.justice.gov/jmd/page/file/1034366/download) asks for $370 million to fund the FBI’s cyber investigations and related work.
Now “every field office has a cyber squad” modeled after lessons learned fighting terrorism, said Ugoretz, speaking earlier this year at a conference in Sea Island, Ga. Some field offices are being assigned as leads for specific attacks or threat actors, she said. There is also a rapid response team that can be deployed out of headquarters in Washington at a moment’s notice.
Yet even as the FBI’s need for cyber experts is increasing, its ability to retain agents and employees with the needed technical expertise is under threat. According to interviews with over a dozen former FBI cyber employees as well as other national security experts, a cyber “brain drain” is taking place at the bureau that could hamper its ability to stem the constant flow of digital threats.
The FBI’s loss comes at a critical time. With the 2020 presidential elections approaching, and concerns about foreign interference as well as theft of trade secrets and intellectual property, the need for cyber experts is likely to increase. “Make no mistake, the threat just keeps escalating,” Wray, the current FBI director, told a Senate panel this week, “and we’re going to have to up our game to stay ahead of it.”
That means more than just focusing on Russian influence campaigns. On Tuesday, Florida Gov. Ron DeSantis announced the FBI has briefed him on 2016 Russian hacks of two county election systems in the state.
“Certainly we expect our adversaries will not only continue to evolve technologically, but they’re also always learning from each other,” Ugoretz told Yahoo News. “Much of the conversation from 2016 and 2018 was about Russian efforts to influence the election. But we’re focused on all threats, whether it’s influence or interference in election infrastructure.”
Some of the FBI’s first forays into the digital world came in the 1990s, when computer crimes started to come under the agency’s purview. In the early days, a large percentage of those cases involved tracking child pornography, like the “Operation Innocent Images” case in 1993 that [revealed](https://www.fbi.gov/history/famous-cases/operation-innocent-image…) an online network of child predators based off a search for a missing boy in Brentwood, Md. By 2007, according to the FBI, the bureau opened more than 20,000 similar cases.
FBI supervisory special agent Stacey Bradley. (Photo: Matt Houston/AP)
In 1994, the bureau caught a glimpse of what has today become common: international adversaries committing crimes online. After multiple large banks noticed $400,000 was missing from their coffers, the FBI [was ultimately led](https://www.fbi.gov/news/stories/a-byte-out-of-history-10-million-hack) to a ring of criminal hackers led by a man in St. Petersburg, Russia. Bigger cases followed, like the FBI’s Moonlight Maze, a sophisticated, ongoing digital campaign to steal military technologies that was ultimately linked back to Moscow.
Tim Gallagher, managing director in the business intelligence and investigations practice at Kroll, a division of global advisory firm Duff & Phelps, first got into the cyber field at the FBI in the late 1990s, working on criminal intrusion cases in a small field office in Ohio. There, he attended one of the first meetings of a task force called [InfraGard](https://www.infragard.org/) focused on working with the private sector to protect infrastructure in Cleveland.
From Ohio, Gallagher “saw a gradual shift of pretty much every violation we worked on” to the point that each investigation had “a cyber piece.” It was “not about going in and grabbing evidence out of filing cabinets anymore,” he said.
After the terrorist attacks of Sept. 11, the FBI pivoted from a focus on locking up criminals and busting gangs and drug rings to predicting and stopping the next extremist plot at any cost, bulking up intelligence resources and linking up with foreign intelligence agencies for unprecedented information sharing. In 2002, the FBI’s cyber division at FBI headquarters in Washington was created to pursue investigations of “cyber-based terrorism, espionage, computer intrusions and major cyber fraud.”
The FBI employs a variety of different employees to defend against the cyberthreat at its headquarters, around the country and overseas. “By default, everyone talks about agents and analysts,” said Ugoretz, who arrived at the bureau in 2001.
But the division also employs computer scientists, data scientists and data operation specialists, among others. At FBI field offices, each has a cyber task force, and major cities now host a few dozen cyber experts, while smaller ones may be home only to a handful.
According to multiple former FBI employees, former bureau director Robert Mueller — now better known for his role as the special counsel investigating Russian interference in the 2016 presidential election — worked to professionalize the analyst workforce during his tenure, around the same time the bureau began implementing career tracks, one of which was cyber-focused.
Previously, an agent’s ticket to promotion was [disrupting a possible terrorist plot](https://theintercept.com/2016/02/18/fbi-wont-explain-its-bizarre-new-…), by making an arrest, seizing assets or blocking someone from committing an ideologically motivated crime. But at the end of Mueller’s tenure as FBI director, agents started getting pulled off of counterterrorism squads to work on cyber investigations, and the cyber division was [reorganized](https://oig.justice.gov/reports/2015/a1529.pdf) to focus exclusively on intrusions, i.e., hacks or unauthorized computer access as opposed to crimes that had only a digital component. “Around 2013, the writing was on the wall that cyber was becoming a higher priority than it had ever been before,” said Jim Harris, a former FBI agent who worked on cyber cases and later co-founded a startup.
At the same time, the bureau was applying lessons from fighting terrorism to the digital realm. “The FBI shifted its cyber intrusion emphasis from reacting to cyber-attacks to predicting and preventing them,” [according to](https://oig.justice.gov/reports/2015/a1529.pdf) a 2015 DOJ Inspector General report.
The emphasis on prediction and prevention resulted in other changes. For example, child pornography, a digitally enabled crime that occupied a large amount of cyber agents’ time, was shifted to the criminal division, freeing up other agents to do more intelligence-related work. This shift toward broader national security may have come from a bureauwide effort “because that’s where the money is,” said one former FBI agent who requested anonymity to speak candidly. The FBI “constantly ceded ground to other agencies as a result of this.”
Ugoretz argues the “shift” toward cybercrime has been gradual, and that the bureau’s primary targets have not changed. “I don’t know if I can speak of a specific transition,” she told Yahoo News. “This has been a gradual evolution. The bureau has always adapted to new technologies; I see cyber in much the same way.”
By around 2010, cyber investigations were already bleeding into all of the FBI’s major operational divisions, from counterintelligence to counterterrorism, according to Harris.
In one case, the [bureau arrested](https://www.theatlantic.com/technology/archive/2014/05/hacker-sab…) Hector Xavier Monsegur, known online as Sabu, for hacking private U.S. businesses and government agencies, then used him as an informant to indict other hackers. The bureau [spent years](https://www.politico.com/magazine/story/2018/11/21/junaid-hussain-mo…) hunting down terrorists disseminating propaganda and committing crimes online. In more recent years, the bureau has been at the forefront of the biggest cyber cases in modern history, including Russian interference in the 2016 U.S. presidential election and Chinese state-directed hacking.
In a recent case from January of this year, a U.S. company and its 600 or so employees suffered a ransomware attack that “completely crippled their operations,” threatening to shut down the business entirely, said Ugoretz. However, the cyber division had experience with the perpetrator, and intelligence that enabled them to help unlock the company’s files and restore operations in three days.
Hector Xavier Monsegur leaves court in New York City on May 27, 2014. (Photo: Seth Wenig/AP)
While the bureau’s major arrests in cyber cases often make headlines, the numbers are too small to make a significant dent in cyber crime, according to analysis from national security think tank Thirdway, which [determined](https://www.thirdway.org/memo/readers-guide-to-understand…) that the FBI is arresting the perpetrators in less than 1 percent of malicious cyberattacks.
Part of the problem is that cyber crimes are committed by a variety of people and organizations, ranging from nation states and criminals to terrorists and organized criminal gangs, according to Jim Baker, the former FBI general counsel now working on cybersecurity and workforce issues at R Street, a think tank. Because of the overlapping responsibilities involved in dealing with those different types of threats, “the cyber division has a bit of an identity crisis,” said Baker, who noted he is a supporter of the division despite its issues.
The problem that Baker refers to can be seen in both the lower and higher levels of the FBI. Over the last two years, the press has tracked several high-profile departures from the FBI’s senior cyber leadership. In July of last summer, the Wall Street Journal [revealed](https://www.wsj.com/articles/three-top-fbi-cybersecurity-official…) three top FBI cyber officials were leaving within the same month, and [Politico detailed](https://www.politico.com/story/2018/08/03/fbi-cyber-security-tale…) the loss of about 20 “cybersecurity leaders” — a fraught time for the FBI with a near constant barrage of criticism from the president.
At the top levels, the investigation into Hillary Clinton’s email server and routine attacks from President Trump have taken a toll, according to several former FBI officials. But the cyber brain drain is affected by many factors, and as the FBI transitioned from a building run by agents with guns to an agency full of technical experts, retention of those with cyber skills has become a major problem.
Both senior officials and more junior FBI employees are eyeing the door or have already left for a number of reasons, according to former FBI employees who spoke with Yahoo News. One of the major issues they cited has been the relationship between the field offices and headquarters, and the lack of clarity on how cyber skills would be incorporated into cases.
The question for Comey, who was weighing the plan to eliminate the cyber division, was whether having a part of the bureau dedicated to a specific criminal vector, like the internet, made sense. After all, the bureau never created an automobile division, despite the revolutionary shift in crime cars brought about. “Criminals were suddenly moving at breathtaking speeds at distances we couldn’t imagine,” he said. “The challenge for the FBI was, you couldn’t have an automobile division. …Everybody had to learn to drive.”
Experts argue that Comey’s comments make sense, and that the bureau needs to require a certain level of digital literacy and cyber know-how across the board to confront the issue.
“Criminal reliance on technology is so great that cyber competence is an essential, not specialized, part of law enforcement,” said Mieke Eoyang, vice president of the national security program of think tank ThirdWay, who is currently researching FBI and workforce issues. “Unfortunately, we don’t see law enforcement developing a strategic, coherent approach to integrating cyber into their skill set.”
Ugoretz challenged the notion that the bureau is pivoting toward “cyber” crime the same way it reorganized to focus on terrorism. “The way cyber is talked about, it’s as if it’s something wholly unique, not something that’s connected to everything we do,” she said. “I think that’s not correct.”
“I know there’s been some analogies made to the post 9/11 shift in resources ... [but] it’s about making sure everyone, no matter what they’re working, has the perspective of whatever targets they’re working, whether it’s a criminal, nation state, hacktivist, how they’re using cyber-means to meet their objectives,” she said.
The essential challenge is how to make the entire bureau digitally competent. That includes providing basic digital training in how to apply for subpoenas to get information about a post on an online forum or on a social media website, remarked one former FBI cyber manager. However, the true technical work involved in intrusions is so “in the weeds” that many are not interested or not capable of developing those skills, the former manager said.
Multiple former FBI employees told Yahoo that part of the problem is that the bureau has been dominated by agents, while other employees with the specialized technical skills — sometimes dubbed “tech ninja wizards” — have little opportunity for advancement, according to one former FBI employee.
Employees also found the bureaucracy and paperwork associated with the FBI can be “crushing,” said one former FBI cyber employee. This is particularly true for anyone used to working in Silicon Valley. “You may have this grand vision of entering into a career of awesome cyber investigations and come to the realization that half your time will be paperwork.”
That paperwork, argued Ugoretz, is there for a reason. “Our primary mission that’s in really giant letters in the lobby is about preserving the Constitution and protecting the American people, and we can’t forget that part.”
Some employees with technical skills felt their talents were being underutilized due to bureaucratic ranking systems. “The bureau sucks at retaining people,” said one former FBI agent. “They actively drive talent away because they do not let the people they hired for their skills use the skills they were hired for in the first place.”
One of the biggest concerns for the bureau is competition from the private sector. Over recent years, the other intelligence agencies, particularly the NSA, suffered an exodus of talent amid disruptive reorganizations, clashes between military leadership and a civilian workforce, and lucrative salaries on the outside. The bureau is now facing a similar fate, though several former FBI employees interviewed by Yahoo said the bureaucratic roadblocks make it more difficult for the FBI to reward talented young cyber employees based on their rank, whereas NSA is better positioned to do that.
“It’s a highly competitive marketplace for talent,” said Gallagher, the former FBI special agent who now works at Kroll. “There’s literally over a million vacant cybersecurity jobs around the country.”
Even the FBI efforts to train employees, as opposed to recruiting cyber experts, can backfire. According to four of the former FBI employees interviewed by Yahoo, the FBI’s cyber training is extremely valuable — so valuable that it often allows them to find lucrative jobs in the private sector. It was after the training phase that people started leaving.
“The FBI is kind of a victim of its own success,” said one retired FBI agent. “Some people who landed in the cyber track felt like they were trapped,” the official explained, unable to return to criminal cases and play the field.
Former FBI cyber employees who spoke to Yahoo, as well as others whose departures were publicly announced, left the bureau for jobs in banks, consulting jobs, threat intelligence firms and even the NFL.
One of the reasons the FBI employees in New York leave is they can’t afford to live there on a government salary, a problem that extends to other tech hubs like San Francisco, Boston and Washington. High-ranking FBI employees can make in the six figures, but multiple former FBI employees, both agents and other employees, told Yahoo News their salaries often doubled or rose substantially when making the jump to the private sector. Seeking promotion within cyber roles at the bureau is also difficult, according to one former FBI cyber supervisor. “If you want to stay in cyber, promotion is unbelievably hard,” he said.
Even beyond the FBI’s own internal problems, it also faces challenges from inside government. As is often the case within the vast federal bureaucracy, cyber is subject to turf battles among agencies. The U.S. Secret Service is moving into cyber investigations, and routinely brings financial cases forward, and the Department of Homeland Security, created in 2002 following the 9/11 attack, has expanded into defending the nation’s networks and critical infrastructure from cyberattacks. In November 2018, the Trump administration mandated the creation of the Cybersecurity and Infrastructure Security Agency within the DHS.
Both the DHS and the FBI work with the private sector, and handle sensitive information on breaches, but the FBI and the Department of Justice serve as the lead for responding to a cyberattack, collecting evidence and tracking down those responsible, while DHS is in charge of “asset” response, offering technical assistance to prevent further damage.
Those lines aren’t always clear cut, however. “They’re constantly stepping on each other’s toes,” said one former FBI cyber employee, though cooperation has improved over time, others said.
While bureaucratic infighting and difficulties keeping talent are not necessarily new issues to the federal government, they are likely to be critical as the FBI prepares for the 2020 election. And behind the scenes, the FBI’s leadership appears to now be recognizing problems with retaining its cyber workforce, and within the last several months, the bureau began conducting a survey on retention of cyber employees, according to one source who received a copy of the questionnaire.
According to the FBI, the voluntary attrition rate for special agents in 2018 was .5 percent, while 2 to 3 percent chose to leave the cyber division.
“This isn’t just an FBI issue,” said Ugoretz of retention issues. “There’s certainly great demand in the government, private sector, academia, everywhere for people with cyber skill.”
Even despite complaints and concerns, nearly every former FBI employee who spoke to Yahoo News said they have thought about going back to government, nearly all citing the bureau’s national security mission as a primary factor.
But experts argue fixing the FBI’s problems, and retaining employees, will require major changes directed from the top, as well as support from Congress and the White House. Baker, the retired FBI general counsel, said that’s what Mueller did following 9/11, and something of that magnitude will be required now.
“The FBI is well aware of the seriousness of the cyberthreat and that it must organize itself to deal effectively with that threat. Doing so will require leadership and effective management,” said Baker.
“Some china is going to have to be broken,” he concluded.
https://www.rit.edu/news/rit-cyber-fighters-go-deep-tor-security
April 23, 2019
by [Scott Bureau](mailto:sbbcom@rit.edu)
RIT cyber fighters go deep on Tor security
[Three researchers sit at a desk on computers.]
Gabrielle Plucknette-DeVito
Every week, the cybersecurity research team meets for a “scrum” to discuss the latest updates on their Tor security projects and bounce ideas for new attacks and defenses off each other.
Recognizing that the internet is not always secure, millions of people are turning to the Tor anonymity system as a way to browse the World Wide Web more privately.
However, Tor has been found to have its own vulnerabilities, including an attack known as website fingerprinting. This has a team of faculty and students from RIT’s Center for Cybersecurity researching the extent of the problem and ways to address it.
Led by Matthew Wright, director of the center, and supported by a series of projects funded by the National Science Foundation, the team aims to think like future attackers so it can develop defenses that will last. The result: creating new attacks and defenses that use the latest advances in deep learning.
“Deep learning has proven to be effective in so many applications,” said Wright, who is also a professor of computing security. “From self-driving cars to voice recognition in smart home speakers—it’s just a matter of time before attackers take advantage of those same techniques.”
Privacy for all
With more than 8 million daily users, Tor has become a popular free tool for activists, law enforcement, businesses, military, people living in countries with censorship, and even regular privacy-conscious individuals.
“When journalists need to communicate more safely with whistleblowers and dissidents, they often use Tor,” said Wright. “We need this more secure way to access the internet because it’s essential to our freedom of speech and privacy.”
Wright explained that Tor creates a secure browsing experience by encrypting all its connections and sending traffic on a path through several random servers, rather than making a direct connection to the user’s desired website. It protects against snooping on which sites a user visits, such as sites on sensitive issues like religion, health, or politics.
With the website fingerprinting attack, local eavesdroppers or internet service providers can collect the encrypted traffic and identify which website the user is visiting based on specific patterns in the traffic. While hackers can’t actually see what a user did on the website, they have already learned something that the user is trying to protect.
Deep fingerprinting
Tor developers were considering two defenses against website fingerprinting that could cut the attack’s accuracy in half.
Payap Sirinam, a computing and information sciences Ph.D. student, was tasked with exploring the potential for deep learning in the website fingerprinting attack.
Adversaries are going to develop this technology themselves anyway, so the RIT team wanted to figure out how future attacks might work.
While the first website fingerprinting attack used machine-learning classifiers with manually developed features to analyze traffic, the team’s new attack would use deep learning, which extracts features automatically.
“You manually train a machine-learning computer to recognize patterns in web traffic that humans can’t see—that’s why it’s so good at this attack,” said Sirinam, who is from Thailand. “By using deep learning, attackers are essentially able to spend less time training, while finding even more patterns that they can use to identify a website.”
The RIT team’s new attack, called Deep Fingerprinting, was based on a Convolutional Neural Network (CNN) that was designed using cutting-edge deep-learning methods. The attack automatically extracts features from packet traces and does not require handcrafting features for classification.
After thousands of hours running trace experiments in a closed-world setting, the new attack outperformed all previous state-of-the-art website fingerprinting attacks. The attack was 98 percent effective against Tor. Even against existing defenses, Deep Fingerprinting had more than 90-percent accuracy.
The Deep Fingerprinting project included work from Sirinam; Professor Wright; Marc Juarez, a Ph.D. student at the Belgian research university KU Leuven; and Mohsen Imani, a former Ph.D. student of Wright’s at University of Texas at Arlington. A paper on the NSF-sponsored work was a finalist for an Outstanding Paper Award, placing it in the top 1 percent of all submitted papers, at the 2018 ACM Conference on Computer and Communications Security in Toronto.
“Now that we know which defenses aren’t going to work against the new top-level attacks, it’s up to us to create defenses that do,” said Sirinam.
Upping our defense
Nate Mathews, a fourth-year computing security major, finds it fun to work with really difficult and ambiguous problems. However, the dilemma he’s currently trying to solve is one that his mentor created.
Working together with Sirinam, Mathews is trying to better understand why the Deep Fingerprinting attack is so effective, in order to develop a defense that can stop it.
Mathews describes deep learning as a black box. Researchers put data in and output arrives at the other end. But it’s difficult to see the inner workings of the box.
“If we could figure out which data features the deep learning thinks is important, we can identify the particular regions to defend,” said Mathews, who is from Ross, Ohio.
To help visualize which parts of a trace are most important to the classification decision made by deep learning, the team is applying the GradCAM technique. Traditionally used in image classification, GradCAM generates heatmaps that show what parts of the trace the deep learning algorithm is focusing on.
Using their findings, Mathews and Sirinam are proposing ways to add fake packets to these important parts of the trace, which can confuse the deep-learning algorithms.
“It’s like adding noise to a picture of a cat, so you can hide what kind of animal it is,” said Wright. “You can add noise to the entire picture, but that’s expensive in our setting. But if we can obscure the ears and the face, it might be enough.”
Saidur Rahman, a computing and information sciences Ph.D. student, and Aneesh Yogesh Joshi, a computer science master’s degree student from India, are also developing a new defense strategy that is meant to trick the deep learning.
Known as the adversarial examples defense, it uses deep learning to add packets and modify website traces in a way that causes the classifier to misclassify.
“We borrowed the idea from the domain of computer vision, where you can distort patterns in the model,” said Rahman, who is from Bangladesh. “This defense can make Facebook traffic look like Google traffic.”
Before implementing any new defense, the team needs to complete thousands of experiments in closed-world and more realistic open-world settings. They also need to take bandwidth and latency overhead into account. If a defense is going to slow the system down to a halt, users may find that the benefits no longer outweigh the cost.
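The trade-off described in this section, between padding the whole trace and padding only the regions the classifier relies on, can be measured on toy data. The following is an added example, not code from the RIT team: a nearest-centroid classifier stands in for the deep-learning model, between-site variance per burst stands in for the GradCAM heatmap, and the attacker model is retrained on defended traces. The site names, burst sizes and pad size are constructed assumptions.

```python
import random
from statistics import mean, pvariance

# Constructed burst templates (incoming cells per burst); not real traffic.
SITES = {
    "site-a": [30, 5, 5, 20, 20, 20],
    "site-b": [5, 30, 5, 20, 20, 20],
    "site-c": [5, 5, 30, 20, 20, 20],
}
PAD_TO = 32  # assumed pad size: every padded burst is raised to this many cells


def visit(template, rng):
    """One simulated page load: the template with +/-2 cells of jitter."""
    return [size + rng.randint(-2, 2) for size in template]


def dataset(n_per_site, seed):
    """Labelled (site, trace) pairs, reproducible for a given seed."""
    rng = random.Random(seed)
    return [(site, visit(tpl, rng)) for site, tpl in SITES.items()
            for _ in range(n_per_site)]


def centroids(data):
    """Per-site mean burst vector: the 'trained model' in this toy."""
    out = {}
    for site in SITES:
        rows = [t for s, t in data if s == site]
        out[site] = [mean(col) for col in zip(*rows)]
    return out


def classify(trace, model):
    """Return the site whose centroid is closest to the observed trace."""
    def dist(site):
        return sum((a - b) ** 2 for a, b in zip(trace, model[site]))
    return min(model, key=dist)


def importance(model):
    """Between-site variance per burst position (heatmap stand-in)."""
    return [pvariance(col) for col in zip(*model.values())]


def pad(trace, positions):
    """Add dummy cells so the chosen bursts all reach PAD_TO cells."""
    return [max(size, PAD_TO) if i in positions else size
            for i, size in enumerate(trace)]


def evaluate(positions, n_train=50, n_test=50):
    """Accuracy of a classifier retrained on defended traces, plus overhead."""
    train = [(s, pad(t, positions)) for s, t in dataset(n_train, seed=1)]
    test_raw = dataset(n_test, seed=2)
    test = [(s, pad(t, positions)) for s, t in test_raw]
    model = centroids(train)
    hits = sum(classify(t, model) == s for s, t in test)
    real = sum(sum(t) for _, t in test_raw)   # cells the user actually needed
    sent = sum(sum(t) for _, t in test)       # cells sent including padding
    return hits / len(test), (sent - real) / real


def run():
    """Compare no defense, targeted padding and full padding."""
    heat = importance(centroids(dataset(50, seed=1)))
    top3 = set(sorted(range(len(heat)), key=heat.__getitem__)[-3:])
    everything = set(range(len(heat)))
    return {
        "important_positions": sorted(top3),
        "undefended": evaluate(set()),       # (accuracy, bandwidth overhead)
        "targeted": evaluate(top3),
        "full": evaluate(everything),
    }


if __name__ == "__main__":
    for name, value in run().items():
        print(name, value)
```

On this constructed data, padding only the three highest-variance bursts costs under 60 percent extra cells against roughly 90 percent for padding every burst, and both leave the retrained classifier at about chance.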
Bolstering the attacks
Taking it one step further, the experts at RIT are trying to find other attacks they could use to test the robustness of their defenses.
They are developing Tik-Tok, an attack that uses packet timing information. Prior attacks discounted timing information because the characteristics change on each visit to a site, making it hard to extract patterns.
“We saw this as a largely untapped resource and something that might benefit from adding deep-learning classifiers,” said Rahman. “We selected and extracted eight new timing features that provide a lot of value.”
Preliminary results indicate that Tik-Tok could be a successful attack in the future.
Sirinam is also developing a new attack and subsequent defense as the last part of his dissertation. Using a branch of deep learning that he borrowed from facial recognition, he plans to create an attack that is more realistic than Deep Fingerprinting.
While the Deep Fingerprinting model may require 1,000 examples from each website to classify correctly, the new n-shot learning with triplet networks concept allows a classifier to learn from only five examples.
“N-shot learning is like an eco-car that requires fewer resources and has reasonably good performance, while the sports car—like Deep Fingerprinting—requires rich resources in order to perform at its best,” said Sirinam. “This shows the danger of website fingerprinting attacks, even with less powerful adversaries, so we need to figure out a way to stop them.”
Wright said that throughout these research projects, the Tor community has been an amazing partner and appreciative of RIT’s efforts. Many of these defenses could be implemented on Tor in the next two to three years.
“We know that our defenses will likely be broken in the future—that’s the nature of cybersecurity,” said Wright. “But we are coming up with solutions that will help people around the world stay safe for the time being, and I think that’s what really matters now.”
Global Cybersecurity Institute
Construction is underway for RIT’s Global Cybersecurity Institute, which will help the university become a nexus of cybersecurity education and research.
The three-story facility will include a cyber learning experience center, a simulated security operations center, labs, and offices. The institute will address the critical workforce needs in cybersecurity through education and professional development programs.
It is expected to open in July 2020 and will be the first facility of its kind in upstate New York.
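The trade-off the RIT article describes, padding only the parts of a trace the classifier relies on versus padding everything, can be made concrete. This is an added example, not code from the RIT team: the direction-sequence trace, the saliency scores standing in for a GradCAM heatmap, and the one-dummy-per-packet insertion policy are all constructed assumptions.

```python
from typing import Iterable, List, Tuple

def top_windows(saliency: List[float], window: int, k: int) -> List[int]:
    """Start indices of the k highest-scoring, non-overlapping windows."""
    scores = [(sum(saliency[i:i + window]), i)
              for i in range(len(saliency) - window + 1)]
    chosen: List[int] = []
    # Highest score first; ties broken by earliest position.
    for _, start in sorted(scores, key=lambda s: (-s[0], s[1])):
        if all(abs(start - c) >= window for c in chosen):
            chosen.append(start)
        if len(chosen) == k:
            break
    return sorted(chosen)

def pad(trace: List[int], positions: Iterable[int]) -> List[int]:
    """Insert one dummy packet of opposite direction after each listed index."""
    marked = set(positions)
    out: List[int] = []
    for i, direction in enumerate(trace):
        out.append(direction)
        if i in marked:
            out.append(-direction)  # dummy packet (assumed policy)
    return out

def overhead(orig: List[int], padded: List[int]) -> float:
    """Bandwidth overhead as a fraction of the original packet count."""
    return (len(padded) - len(orig)) / len(orig)

def compare(trace: List[int], saliency: List[float],
            window: int, k: int) -> Tuple[List[int], float, float]:
    """Return (window starts, targeted overhead, pad-everything overhead)."""
    starts = top_windows(saliency, window, k)
    targeted_idx = [i for s in starts for i in range(s, s + window)]
    targeted = pad(trace, targeted_idx)
    uniform = pad(trace, range(len(trace)))
    return starts, overhead(trace, targeted), overhead(trace, uniform)

# Constructed sample: +1 = outgoing packet, -1 = incoming packet.
TRACE = [1, 1, -1, -1, -1, -1, 1, -1, -1, -1,
         -1, -1, 1, 1, -1, -1, -1, -1, -1, -1]
# Constructed per-packet importance, standing in for a GradCAM heatmap.
SALIENCY = [0.9, 0.8, 0.7, 0.2, 0.1, 0.1, 0.1, 0.1, 0.1, 0.1,
            0.1, 0.1, 0.6, 0.9, 0.5, 0.1, 0.1, 0.1, 0.1, 0.1]

if __name__ == "__main__":
    print(compare(TRACE, SALIENCY, window=3, k=2))
```

Whether the cheaper targeted padding actually defeats a classifier is an empirical question this sketch does not answer; it only quantifies the bandwidth side of the trade-off.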
https://zombieloadattack.com/
https://zombieloadattack.com/zombieload.pdf
https://www.cyberus-technology.de/posts/2019-05-14-zombieload.html
https://github.com/IAIK/ZombieLoad
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12130
https://www.youtube.com/watch?v=wQvgyChrk_g
ZombieLoad Attack
Watch out! Your processor resurrects your private browsing-history and
other sensitive data.
After Meltdown, Spectre, and Foreshadow, we discovered more critical
vulnerabilities in modern processors. The ZombieLoad attack allows
stealing sensitive data and keys while the computer accesses them.
While programs normally only see their own data, a malicious program
can exploit the fill buffers to get hold of secrets currently
processed by other running programs. These secrets can be user-level
secrets, such as browser history, website content, user keys, and
passwords, or system-level secrets, such as disk encryption keys.
The attack does not only work on personal computers but can also be
exploited in the cloud.
We verified the ZombieLoad attack on Intel processor generations
released from 2011 onwards.
ZombieLoad in Action
In our demo, we show how an attacker can monitor the websites the
victim is visiting despite using the privacy-protecting Tor browser in
a virtual machine.
Mitre - Date Entry Created: 20180611
As usual, news apparently held back for exploit by anyone,
including their NSA friends... for AGES.
"
2. Neither the name of Intel Corporation nor the names of its suppliers may
be used to endorse or promote products derived from this software without
specific prior written permission.
3. No reverse engineering, decompilation, or disassembly of this software
is permitted.
"
Because they suck, that's why.
Anybody starting up #OpenFabs printing #OpenHW yet?
Till then all ur crypto... is not.
Remember kidz, hacking bad, lulz ;)
"One of the many pressing stories that remains to be told from the Snowden archive is how western intelligence agencies are attempting to manipulate and control online discourse with extreme tactics of deception and reputation-destruction. It’s time to tell a chunk of that story, complete with the relevant documents.
Over the last several weeks, I worked with NBC News to publish a series of articles about “dirty trick” tactics used by GCHQ’s previously secret unit, JTRIG (Joint Threat Research Intelligence Group). These were based on four classified GCHQ documents presented to the NSA and the other three partners in the English-speaking “Five Eyes” alliance. Today, we at the Intercept are publishing another new JTRIG document, in full, entitled “The Art of Deception: Training for Online Covert Operations.”
By publishing these stories one by one, our NBC reporting highlighted some of the key, discrete revelations: the monitoring of YouTube and Blogger, the targeting of Anonymous with the very same DDoS attacks they accuse “hacktivists” of using, the use of “honey traps” (luring people into compromising situations using sex) and destructive viruses. But, here, I want to focus and elaborate on the overarching point revealed by all of these documents: namely, that these agencies are attempting to control, infiltrate, manipulate, and warp online discourse, and in doing so, are compromising the integrity of the internet itself.
https://theintercept.com/2014/02/24/jtrig-manipulation/
Rr
Sent from my Androgyne dee-vice with K-9 Mail
...
> The speed of light in gases is slightly slower: It is about 0.05% lower in air at sea level.
>
> The speed of light in typical glass is about 2/3 of 'c'.
>
> In typical glass, the speed of light varies a bit with wavelength.
> https://en.wikipedia.org/wiki/Prism
>
> For many decades, diffraction gratings have been used to separate colors of light.
>
> https://en.wikipedia.org/wiki/Diffraction_grating
>
> The shiny surface of a CDROM or DVD approximates that of a diffraction grating.
> You can aim the beam from a laser at a CDROM or DVD to see different reflections.
> If you start with a light beam generated with an LED (Light Emitting Diode; which has a much wider spectrum than a laser) you could see the spectrum it possesses.
Another fun feature of light interaction is that it can induce matter into cohesive movements, like vortices:
https://phys.org/news/2019-05-whirlpools-electrons.html
Twisting whirlpools of electrons
by [Ecole Polytechnique Federale de Lausanne](http://www.epfl.ch/)
In Jules Verne's famous classic 20,000 Leagues Under the Sea, the iconic submarine Nautilus disappears into the Moskenstraumen, a massive whirlpool off the coast of Norway. In space, stars spiral around black holes; on Earth, swirling cyclones, tornadoes and dust devils rip across the land.
All these phenomena have a vortex shape, which is commonly found in nature, from galaxies to milk stirred into coffee. In the subatomic world, a stream of elementary particles or energy will spiral around a fixed axis like the tip of a corkscrew. When particles move like this, they form what we call "[vortex beams](https://phys.org/tags/vortex+beams/)." These beams imply that the particle has a well-defined orbital angular momentum, which describes the rotation of a particle around a fixed point.
Thus, vortex beams can give us new ways of interacting with matter, e.g. enhanced sensitivity to magnetic fields in sensors, or generating new absorption channels for the interaction between radiation and tissue in medical treatments (e.g. radiotherapy). But vortex beams also enable new channels in basic interactions among elementary particles, promising new insights into the inner structure of particles such as neutrons, protons or ions.
Matter exhibits wave-particle duality. This means that scientists can make massive particles form vortex beams simply by modulating their wave function. This can be done with a device called a "passive phase mask," which can be thought of as a standing obstacle in the sea. When waves at sea crash into it, their "wave-ness" shifts and they form whirlpools. Physicists have been using the passive phase mask method to make vortex beams of electrons and neutrons.
But now, scientists from the lab of Fabrizio Carbone at EPFL have demonstrated that it is possible to use light to dynamically twist an individual electron's wave function. They were able to generate an ultrashort vortex electron beam and actively switch its vorticity on the attosecond (10^-18 seconds) timescale.
To do this, the team exploited one of the fundamental rules governing the interaction of particles on the nanoscale level: energy and momentum conservation. What this means is that the sum of the energies, masses and velocities of two particles before and after their collision must be the same. This constraint causes an electron to gain orbital angular momentum during its interaction with an ad hoc prepared light field, i.e. a chiral plasmon.
In experimental terms, the scientists fired circularly polarized, ultrashort laser pulses through a nano-hole in a metallic film. This induced a strong, localized electromagnetic field (the chiral plasmon), and individual electrons were made to interact with it. The scientists used an ultrafast transmission electron microscope to monitor the resulting phase profiles of the electrons. What they discovered was that during the interaction of the electrons with the field, the [wave function](https://phys.org/tags/wave+function/) of the electrons took on a chiral modulation, a right- or left-handed movement whose "handedness" can be actively controlled by adjusting the polarization of the laser pulses.
"There are many practical applications from these experiments," says Fabrizio Carbone. "Ultrafast [vortex](https://phys.org/tags/vortex/) electron beams can be used to encode and manipulate quantum information; the electrons' orbital [angular momentum](https://phys.org/tags/angular+momentum/) can be transferred to the spins of magnetic materials to control the topological charge in new devices for data storage. But even more intriguingly, using light to dynamically twist matter waves offers a new perspective in shaping protons or ion beams such as those used in medical therapy, possibly enabling new radiation-matter interaction mechanisms that can be very useful for selective tissue ablation techniques."
More information: G. M. Vanacore, et al. Ultrafast generation and control of an electron vortex beam via chiral plasmonic near fields. Nature Materials 06 May 2019.
http://dx.doi.org/10.1038/s41563-019-0336-1